Navigation :
Unusual Network Activity
Description
This anomaly contains a large number of detections for rare or unusual network interaction.
Content Mapping
This content is not mapped to any local saved search. Add mapping
Use Case
Advanced Threat Detection, Insider Threat, Security Monitoring
Category
Lateral Movement, Insider Threat, Account Compromise, Data Exfiltration
Alert Volume
Medium
(?)SPL Difficulty
None
Journey
Stage 4
MITRE ATT&CK Tactics
Command and Control
MITRE ATT&CK Techniques
Custom Cryptographic Protocol
Custom Command and Control Protocol
Uncommonly Used Port
MITRE Threat Groups
APT3
APT32
APT33
APT37
Gorgon Group
Group5
Lazarus Group
Magic Hound
OilRig
PLATINUM
TEMP.Veles
Data Sources
Network Communication